Multiple Backdoors Found in Dlink DWR-932B

If you have a D-Link router similar to the DWR-932 B LTE, you might want to just give it up instead of waiting for a prolonged firmware upgrade. The D-Link DWR-932 B LTE is found to have more than 20 risks, including backdoor accounts, default certificates, leaked certificates, vulnerabilities in firmware upgrades, and unsecured un-debugged structures.

If an attacker succeeds in exploiting these vulnerabilities, he or she can remotely hijack and control your router. This will make all the devices and networks connected together vulnerable to the threat of middleman and DNS attacks. In addition, the router under attack is also likely to be used by cybercriminals for DDoS attacks. Just like the record-breaking DDoS attack we witnessed not long ago — the hacker used more than 150,000 hacked smart devices after the launch of the network.

Dlink is a multinational networking equipment manufacturing corporation and the router has been in a number of countries for the Internet to provide LTE network services. Security researcher Pierre Kim published a blog post describing the vulnerabilities he found in the device.

According to Kim, “in the configuration of the vulnerable router where there are no permission rules, an attacker can forward everything from the WAN into the LAN. For example, an attacker can add a forwarding rule in order to allow traffic from the Internet to local Exchange servers, mail servers, ftp servers, http servers, database servers… In fact, this lack of security allows a local user to forward whatever they want from the Internet into the LAN.”

“A personal point of view: at best, the vulnerabilites are due to incompetence; at worst, it is a deliberate act of security sabotage from the vendor. Not all the vulnerabilities found have been disclosed in this advisory. Only the significant ones are shown.” wrote Kim. “Due to lack of security patches provided by the vendor, the vulnerabilities will remain unpatched and customers with questions should contact their local/regional D-Link support office for the latest information.”